Detection of Intrusions and Malware, and Vulnerability Assessment

1. Front Matter

   Pages I-XII

   PDF

2. Attacks

   1. Front Matter

      Pages 1-1

      PDF

   2. Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks

      • Amin Kharraz, William Robertson, Davide Balzarotti, Leyla Bilge, Engin Kirda

      Pages 3-24

   3. “Nice Boots!” - A Large-Scale Analysis of Bootkits and New Ways to Stop Them

      • Bernhard Grill, Andrei Bacs, Christian Platzer, Herbert Bos

      Pages 25-45

   4. C5: Cross-Cores Cache Covert Channel

      • Clémentine Maurice, Christoph Neumann, Olivier Heen, Aurélien Francillon

      Pages 46-64

3. Attack Detection

   1. Front Matter

      Pages 65-65

      PDF

   2. Intrusion Detection for Airborne Communication Using PHY-Layer Information

      • Martin Strohmeier, Vincent Lenders, Ivan Martinovic

      Pages 67-77

   3. That Ain’t You: Blocking Spearphishing Through Behavioral Modelling

      • Gianluca Stringhini, Olivier Thonnard

      Pages 78-97

   4. Robust and Effective Malware Detection Through Quantitative Data Flow Graph Metrics

      • Tobias Wüchner, Martín Ochoa, Alexander Pretschner

      Pages 98-118

4. Binary Analysis and Mobile Malware Protection

   1. Front Matter

      Pages 119-119

      PDF

   2. Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries

      • Mario Polino, Andrea Scorti, Federico Maggi, Stefano Zanero

      Pages 121-143

   3. Fine-Grained Control-Flow Integrity Through Binary Hardening

      • Mathias Payer, Antonio Barresi, Thomas R. Gross

      Pages 144-164

   4. Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software

      • Iasonas Polakis, Michalis Diamantaris, Thanasis Petsas, Federico Maggi, Sotiris Ioannidis

      Pages 165-184

5. Social Networks and Large-Scale Attacks

   1. Front Matter

      Pages 185-185

      PDF

   2. The Role of Cloud Services in Malicious Software: Trends and Insights

      • Xiao Han, Nizar Kheir, Davide Balzarotti

      Pages 187-204

   3. Capturing DDoS Attack Dynamics Behind the Scenes

      • An Wang, Aziz Mohaisen, Wentao Chang, Songqing Chen

      Pages 205-215

   4. Quit Playing Games with My Heart: Understanding Online Dating Scams

      • JingMin Huang, Gianluca Stringhini, Peng Yong

      Pages 216-236

6. Web and Mobile Security

   1. Front Matter

      Pages 237-237

      PDF

   2. More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations

      • Ethan Shernan, Henry Carter, Dave Tian, Patrick Traynor, Kevin Butler

      Pages 239-260

   3. May I? - Content Security Policy Endorsement for Browser Extensions

      • Daniel Hausknecht, Jonas Magazinius, Andrei Sabelfeld

      Pages 261-281

This book constitutes the refereed proceedings of the 12th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2015, held in Milan, Italy, in July 2015.
The 17 revised full papers presented were carefully reviewed and selected from 75 submissions. The papers are organized in topical sections on attacks, attack detection, binary analysis and mobile malware protection, social networks and large-scale attacks, Web and mobile security, and provenance and data sharing.

• Anomaly detection
• Application security
• Bootkits
• Cloud computing
• Denial-of-service attacks
• Domain-specific privacy
• Domain-specific security
• Information flow control
• Intrusion detection
• Malware mitigation
• Privacy-preserving protocols
• Reverse engineering
• Security and privacy
• Security in hardware
• Social engineering attacks
• Social networks
• Software security
• System security
• Web application security

• Chalmers University of Technology, Gothenburg, Sweden

  Magnus Almgren, Vincenzo Gulisano

• Politecnico di Milano, Milan, Italy

  Federico Maggi

Policies and ethics